FROM alpine
MAINTAINER alpine_sshd (admin@attacker.club.com)

# 替换阿里云的源
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.aliyun.com/g' /etc/apk/repositories

# 更新源、安装openssh 并修改配置文件和生成key
RUN apk update && \
    apk add --no-cache openssh tzdata && rm -rf /var/cache/apk/* && \ 
    ssh-keygen -t dsa -P "" -f /etc/ssh/ssh_host_dsa_key && \
    ssh-keygen -t rsa -P "" -f /etc/ssh/ssh_host_rsa_key && \
    ssh-keygen -t ecdsa -P "" -f /etc/ssh/ssh_host_ecdsa_key && \
    ssh-keygen -t ed25519 -P "" -f /etc/ssh/ssh_host_ed25519_key && \
    ssh-keygen -A && \
    sed -i "/PermitRootLogin/c PermitRootLogin yes" /etc/ssh/sshd_config && \
    sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/g' /etc/ssh/sshd_config 

# 自定义配置
RUN echo "root:123456" | chpasswd && \
    echo > /etc/motd && \
    echo '''PS1="\[\e[37;1m\][\[\e[32;1m\]\u\[\e[37;40m\]@\[\e[34;1m\]\h \[\e[0m\]\t \[\e[35;1m\]\W\[\e[37;1m\]]\[\e[m\]/\\$" ''' >>/etc/profile

# # 安全配置,禁止网络工具上传和下载
RUN rm /usr/bin/wget /usr/bin/nc /usr/bin/scp /bin/ping  /usr/bin/traceroute*  /sbin/apk  -f 


# 开放22端口
EXPOSE 22
# 执行ssh启动命令
CMD ["/usr/sbin/sshd", "-D"]

## Build
# docker build -t lghost/sshd . -f sshd.dockerfile
## Run
# docker run --restart=unless-stopped -p 2222:22 --name sshd  lghost/sshd